Many MFA fatigue attacks happen worldwide, and it's the news everywhere. Organizations are scared that users give access to attackers when they get an MFA request notification and press approve by accident. So how to prevent MFA fatigue attacks? In…
There are no TLS settings configured on a new Windows Server install. Therefore, you must configure TLS on Windows Server with a GPO, manually with the registry editor, or with PowerShell. In this article, you will learn how to check…
Microsoft released several Security Updates (SUs) for Microsoft Exchange Server to address vulnerabilities. Due to the critical nature of these vulnerabilities, we recommend that customers apply the updates to affected systems immediately to protect the environment. Note: These vulnerabilities affect…
Nartac Software releases IIS Crypto 3.3 on October 31, 2022. This IIS Crypto update adds TLS 1.3 for Windows Server 2022, new cipher suites, updated templates, including PCI 4.0 changes, and some minor fixes. Table of contentsIIS CryptoIIS Crypto supportIIS…
Security is essential, and most companies need to pay more attention to it. One is to avoid man-in-the-middle (MiTM) attacks and configure HSTS (HTTP Strict Transport Security) on Exchange Server. In this article, you will learn how to configure HSTS…
Microsoft Exchange Server depends on Internet Information Services (IIS). Sometimes you have to restart IIS, which you can do through IIS management or the console (Command Prompt or PowerShell). But what if you have more than multiple Exchange Servers running,…
A lot of bots attack the Exchange Server OWA and ECP page constantly. It's the (security) engineers task to secure and protect the Exchange Server OWA/ECP URLs from attacks. Measures such as Multi-Factor Authentication (MFA) or only making the OWA/ECP…
You must disable the account or change the user account password because a security breach occurred. The user has an Exchange mailbox linked to the account. Disabling the user in Active Directory and thinking that you are done now is…
Security is essential for every organization, so you should configure Multi-Factor Authentication (MFA) for every user in the Microsoft 365 tenant. Not only that but there are also other MFA options you need to enable to improve MFA security. In…
Every organization knows that security is essential and needs to be solid. Nowadays, every organization enables MFA and thinks that they are protected and done. Well, hold your horses because that's not the case. What if a user gets an…